Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/161d71-fd23-4615-b81a-5b5efbeadfd4/1/TUmmTIqHgSSV6NTaxAWAoG0eFlg.mft
File: TUmmTIqHgSSV6NTaxAWAoG0eFlg.mft (raw, json)
Hash identifier: o3iwiaVWtR+nba3zReX0xAgtBZlmenUCIcVNBd/OBI0=
Subject key identifier: 8B:35:96:A5:BF:56:9C:86:B6:AB:F8:B1:E6:B1:4A:63:34:01:35:FB
Authority key identifier: 4D:49:A6:4C:8A:87:81:24:95:E8:D4:DA:C4:05:80:A0:6D:1E:16:58
Certificate issuer: /CN=4d49a64c8a87812495e8d4dac40580a06d1e1658
Certificate serial: 019D39AEFA464C9D230ADAF65A9FDA489BC9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TUmmTIqHgSSV6NTaxAWAoG0eFlg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/161d71-fd23-4615-b81a-5b5efbeadfd4/1/TUmmTIqHgSSV6NTaxAWAoG0eFlg.mft
Manifest number: C6
Signing time: Sun 29 Mar 2026 13:01:01 +0000
Manifest this update: Sun 29 Mar 2026 13:01:01 +0000
Manifest next update: Mon 30 Mar 2026 13:01:01 +0000
Files and hashes: 1: TUmmTIqHgSSV6NTaxAWAoG0eFlg.crl (hash: RPDTO4At+v/rIfaM4zT4Ky0pZPTTOtdOriRzK2w/zO0=)
2: octKgTiP9lDmeXEgs2Q1zE4qib8.roa (hash: /v6RSOFXxlbHWvAMobJnD3DEpi/GGgcUjFIOqnGBes8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/161d71-fd23-4615-b81a-5b5efbeadfd4/1/TUmmTIqHgSSV6NTaxAWAoG0eFlg.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/161d71-fd23-4615-b81a-5b5efbeadfd4/1/TUmmTIqHgSSV6NTaxAWAoG0eFlg.mft
rsync://rpki.ripe.net/repository/DEFAULT/TUmmTIqHgSSV6NTaxAWAoG0eFlg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:ae:fa:46:4c:9d:23:0a:da:f6:5a:9f:da:48:9b:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d49a64c8a87812495e8d4dac40580a06d1e1658
Validity
Not Before: Mar 29 13:01:01 2026 GMT
Not After : Mar 30 13:01:01 2026 GMT
Subject: CN=8b3596a5bf569c86b6abf8b1e6b14a63340135fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:36:31:59:25:3d:22:b5:75:c4:e3:52:a0:33:
b9:9b:8c:e7:4d:1d:b7:f6:9e:c9:3b:ff:f9:75:77:
2c:4e:41:dd:e9:c3:ff:bb:ec:03:ee:ad:7c:14:8a:
58:07:23:4b:41:04:a2:ad:3f:1e:a6:e0:51:55:e5:
60:1f:5e:c7:d8:fb:0e:61:69:8d:30:1c:19:fc:eb:
65:1b:ba:3c:4a:21:4d:18:b3:47:d3:08:be:a2:5e:
70:f0:3a:71:a7:6f:ef:2b:4b:86:75:92:f7:e9:42:
99:f5:a8:d8:fc:6d:c8:f4:b9:83:f2:cf:5f:58:75:
53:77:d3:d7:de:e4:57:33:ab:3f:19:66:06:45:fa:
37:0c:9f:36:f2:66:29:1e:74:b9:61:bc:d9:3b:79:
a4:57:19:bc:db:41:07:b8:31:a6:77:76:43:12:7b:
ae:4f:6e:75:13:09:80:33:ba:e5:27:14:8f:ce:57:
1d:9b:c5:ca:fb:12:dd:e4:32:91:64:b0:35:1e:c3:
09:a8:f0:5a:52:0d:42:f0:fd:c1:b5:67:ee:b0:2b:
c0:64:43:5e:e2:0e:33:6b:ca:94:6a:7f:43:ee:70:
f4:6b:5d:7f:8a:04:78:3c:5c:b0:4f:e8:95:82:6b:
de:c0:f3:45:14:ef:bd:02:aa:87:d0:35:f6:a9:ac:
f8:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:35:96:A5:BF:56:9C:86:B6:AB:F8:B1:E6:B1:4A:63:34:01:35:FB
X509v3 Authority Key Identifier:
keyid:4D:49:A6:4C:8A:87:81:24:95:E8:D4:DA:C4:05:80:A0:6D:1E:16:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TUmmTIqHgSSV6NTaxAWAoG0eFlg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/161d71-fd23-4615-b81a-5b5efbeadfd4/1/TUmmTIqHgSSV6NTaxAWAoG0eFlg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/161d71-fd23-4615-b81a-5b5efbeadfd4/1/TUmmTIqHgSSV6NTaxAWAoG0eFlg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
31:bd:ec:8b:a6:d2:ad:e8:f2:20:58:c9:6f:b6:03:16:0e:c9:
20:f3:17:7d:84:11:74:16:d8:f4:7a:42:54:7e:bb:85:2d:14:
e0:c7:fe:7e:98:56:a5:c0:88:0e:41:2c:e2:14:d2:34:c6:ee:
51:c5:9c:12:f5:48:cb:af:a7:9a:bf:a8:6b:0d:18:fe:75:b8:
ca:0a:d0:9f:e4:1c:2b:86:e5:e3:66:2f:de:8a:26:8f:37:f6:
ed:5a:79:bf:05:11:49:28:ad:34:5b:ec:7b:ae:f2:1b:57:05:
29:2b:19:e6:99:b4:b5:2e:98:11:1f:7c:bf:95:41:bf:ab:78:
3f:a0:5d:e2:00:16:26:ad:a7:f2:a9:86:56:d9:a1:2d:5b:b2:
e5:29:80:a2:95:43:61:d5:97:47:10:13:40:e0:d1:3b:c5:5f:
c2:30:60:4b:36:47:8d:e1:7b:c4:36:a5:aa:86:19:b3:70:21:
0f:98:65:fc:ad:60:4a:c4:27:e2:dd:2a:f5:45:d2:c4:cc:73:
e2:11:6a:93:d0:b3:04:06:7e:1f:ae:74:81:68:77:58:17:1c:
6f:5b:b5:2a:ed:b4:59:d0:68:4a:2d:ae:3a:60:cb:55:7f:72:
ca:fd:60:e2:b6:5b:ee:8c:6f:c8:fd:fb:e1:7d:fb:1c:bb:60:
1f:22:3f:be
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05rvpGTJ0jCtr2Wp/aSJvJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkNDlhNjRjOGE4NzgxMjQ5NWU4ZDRkYWM0MDU4MGEwNmQx
ZTE2NTgwHhcNMjYwMzI5MTMwMTAxWhcNMjYwMzMwMTMwMTAxWjAzMTEwLwYDVQQD
Eyg4YjM1OTZhNWJmNTY5Yzg2YjZhYmY4YjFlNmIxNGE2MzM0MDEzNWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqTYxWSU9IrV1xONSoDO5m4znTR23
9p7JO//5dXcsTkHd6cP/u+wD7q18FIpYByNLQQSirT8epuBRVeVgH17H2PsOYWmN
MBwZ/OtlG7o8SiFNGLNH0wi+ol5w8Dpxp2/vK0uGdZL36UKZ9ajY/G3I9LmD8s9f
WHVTd9PX3uRXM6s/GWYGRfo3DJ828mYpHnS5YbzZO3mkVxm820EHuDGmd3ZDEnuu
T251EwmAM7rlJxSPzlcdm8XK+xLd5DKRZLA1HsMJqPBaUg1C8P3BtWfusCvAZENe
4g4za8qUan9D7nD0a11/igR4PFywT+iVgmvewPNFFO+9AqqH0DX2qaz4/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIs1lqW/VpyGtqv4seaxSmM0ATX7MB8GA1UdIwQY
MBaAFE1JpkyKh4EklejU2sQFgKBtHhZYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFVtbVRJcUhnU1NWNk5UYXhBV0FvRzBlRmxnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8xNjFkNzEtZmQyMy00NjE1LWI4MWEt
NWI1ZWZiZWFkZmQ0LzEvVFVtbVRJcUhnU1NWNk5UYXhBV0FvRzBlRmxnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8xNjFkNzEtZmQyMy00NjE1LWI4MWEtNWI1ZWZiZWFkZmQ0
LzEvVFVtbVRJcUhnU1NWNk5UYXhBV0FvRzBlRmxnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMb3si6bS
rejyIFjJb7YDFg7JIPMXfYQRdBbY9HpCVH67hS0U4Mf+fphWpcCIDkEs4hTSNMbu
UcWcEvVIy6+nmr+oaw0Y/nW4ygrQn+QcK4bl42Yv3oomjzf27Vp5vwURSSitNFvs
e67yG1cFKSsZ5pm0tS6YER98v5VBv6t4P6Bd4gAWJq2n8qmGVtmhLVuy5SmAopVD
YdWXRxATQODRO8VfwjBgSzZHjeF7xDalqoYZs3AhD5hl/K1gSsQn4t0q9UXSxMxz
4hFqk9CzBAZ+H650gWh3WBccb1u1Ku20WdBoSi2uOmDLVX9yyv1g4rZb7oxvyP37
4X37HLtgHyI/vg==
-----END CERTIFICATE-----
Generated at Sun Mar 29 16:58:44 2026 by rpki-client